Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/93e8dab6-1e6d-4024-9f3c-1682d7470dcc.roa
File:                     93e8dab6-1e6d-4024-9f3c-1682d7470dcc.roa (raw, json)
Hash identifier:          HQSYPnKxuWwcscIxBvvXmi5nvLiBSiopKhqMXe1OX/8=
Subject key identifier:   E2:A6:1F:1F:68:DA:18:D4:E2:54:DE:EF:03:AB:F7:9A:9E:3E:0E:E1
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       1AE760A2955DF8D4AF79B099B8A3EE368A4B5535
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/93e8dab6-1e6d-4024-9f3c-1682d7470dcc.roa
Signing time:             Fri 01 Aug 2025 15:12:04 +0000
ROA not before:           Fri 01 Aug 2025 15:12:04 +0000
ROA not after:            Fri 05 Sep 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        136.18.0.0/20 maxlen: 20
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 07 Aug 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1a:e7:60:a2:95:5d:f8:d4:af:79:b0:99:b8:a3:ee:36:8a:4b:55:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug  1 15:12:04 2025 GMT
            Not After : Sep  5 23:59:59 2025 GMT
        Subject: serialNumber=96ad6743558d20abd3dfa4a7481d0e59c53cc2e565ddc4392b91ee998e65f647, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:9d:bf:b9:a4:90:88:5f:c2:16:73:bd:43:e3:
                    ad:9e:98:67:01:ec:30:5a:5a:58:06:f1:a9:eb:92:
                    86:07:c3:6e:27:64:df:b0:fe:50:51:a7:42:12:1b:
                    bc:08:3b:e0:44:55:58:5b:ec:08:fb:09:5d:cc:ea:
                    4b:b4:a7:1c:78:59:c0:be:5b:53:d6:7b:90:40:ca:
                    46:2f:9e:d5:d9:b7:27:97:8c:f1:4c:b1:60:e1:36:
                    c9:28:85:f9:f2:a6:3a:82:20:90:4a:3e:15:39:4f:
                    c3:ab:bf:b6:ad:47:0e:71:14:1f:67:53:38:04:4a:
                    7e:b1:b3:ee:8e:fa:2e:38:e3:95:ca:ca:83:03:0c:
                    ad:d2:92:5a:dc:8e:0f:38:c0:2d:6c:e0:58:8a:9c:
                    e8:28:b0:eb:47:7e:50:43:1e:8d:af:4e:23:2a:93:
                    38:63:a9:28:ef:d7:a2:c5:c6:2b:5e:36:3d:61:29:
                    b0:11:50:1d:9a:bf:8b:14:bf:62:45:67:fa:dd:4e:
                    94:ec:72:1c:0d:19:e9:b6:cb:0e:07:f9:44:7c:a2:
                    f5:39:6f:c1:55:f7:b4:9e:17:e0:9a:e4:75:ad:e2:
                    a7:9f:f0:d6:58:21:90:d4:16:ba:7c:7e:07:19:de:
                    da:be:06:19:60:1a:ce:4c:ba:21:79:19:58:b0:34:
                    ab:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:A6:1F:1F:68:DA:18:D4:E2:54:DE:EF:03:AB:F7:9A:9E:3E:0E:E1
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/93e8dab6-1e6d-4024-9f3c-1682d7470dcc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  136.18.0.0/20

    Signature Algorithm: sha256WithRSAEncryption
         29:b5:bb:b0:14:f6:de:13:84:1b:63:06:dd:5a:34:b2:b2:1e:
         92:2d:e6:4e:af:f1:1e:dd:51:58:4f:fe:15:42:07:7d:8e:40:
         e8:e0:17:9d:ac:7f:52:22:2e:57:f8:17:2d:08:4b:10:6f:57:
         b4:2c:ca:e4:96:6c:d8:1a:42:92:07:a1:37:a2:40:21:c4:17:
         d5:50:7b:11:4d:e2:22:b8:65:50:4e:1d:e3:8d:c6:f4:fe:8d:
         1a:24:61:e2:e1:25:fb:5f:57:61:db:08:ff:2c:b7:03:49:9e:
         a2:60:8d:d8:98:86:5e:4a:d7:c7:22:ac:ea:71:0e:e7:7e:e1:
         2c:67:45:27:1c:e9:91:43:de:0b:d7:f9:03:81:fc:73:ee:0d:
         a4:fe:9d:34:e9:ae:ce:d5:47:23:d3:5a:cd:70:50:d2:8d:c5:
         5d:04:7c:6c:49:77:30:e9:16:38:d3:0d:12:b5:e8:13:dc:89:
         5d:a0:8b:83:b3:7b:72:55:96:d9:82:a4:08:a4:4c:1c:57:2b:
         fa:7c:9c:ce:20:cc:9e:93:24:8a:57:ca:21:0a:e5:8d:51:35:
         90:50:40:99:e5:69:61:fe:d5:c9:38:6f:27:ac:20:38:be:c8:
         fc:5f:d9:e7:8b:e9:3e:0a:25:fd:bd:75:8c:11:95:b0:bf:59:
         48:e6:2d:93
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUGudgopVd+NSvebCZuKPuNopLVTUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODAxMTUxMjA0WhcNMjUwOTA1MjM1OTU5
WjB6MUkwRwYDVQQFE0A5NmFkNjc0MzU1OGQyMGFiZDNkZmE0YTc0ODFkMGU1OWM1
M2NjMmU1NjVkZGM0MzkyYjkxZWU5OThlNjVmNjQ3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC5nb+5pJCIX8IWc71D462emGcB7DBaWlgG8anrkoYHw24n
ZN+w/lBRp0ISG7wIO+BEVVhb7Aj7CV3M6ku0pxx4WcC+W1PWe5BAykYvntXZtyeX
jPFMsWDhNskohfnypjqCIJBKPhU5T8Orv7atRw5xFB9nUzgESn6xs+6O+i4445XK
yoMDDK3Sklrcjg84wC1s4FiKnOgosOtHflBDHo2vTiMqkzhjqSjv16LFxiteNj1h
KbARUB2av4sUv2JFZ/rdTpTschwNGem2yw4H+UR8ovU5b8FV97SeF+Ca5HWt4qef
8NZYIZDUFrp8fgcZ3tq+BhlgGs5MuiF5GViwNKvDAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU4qYfH2jaGNTiVN7vA6v3mp4+DuEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzkzZThkYWI2LTFlNmQtNDAyNC05ZjNjLTE2ODJkNzQ3MGRjYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBASIEgAwDQYJKoZIhvcNAQELBQADggEBACm1u7AU9t4ThBtjBt1aNLKyHpIt
5k6v8R7dUVhP/hVCB32OQOjgF52sf1IiLlf4Fy0ISxBvV7QsyuSWbNgaQpIHoTei
QCHEF9VQexFN4iK4ZVBOHeONxvT+jRokYeLhJftfV2HbCP8stwNJnqJgjdiYhl5K
18cirOpxDud+4SxnRScc6ZFD3gvX+QOB/HPuDaT+nTTprs7VRyPTWs1wUNKNxV0E
fGxJdzDpFjjTDRK16BPciV2gi4Oze3JVltmCpAikTBxXK/p8nM4gzJ6TJIpXyiEK
5Y1RNZBQQJnlaWH+1ck4byesIDi+yPxf2eeL6T4KJf29dYwRlbC/WUjmLZM=
-----END CERTIFICATE-----
Generated at Tue Aug 5 17:30:43 2025 by rpki-client